Upgraded to developer edition - "Failed to find InputFile"

Hi Guys,

We’re having some problems after upgrading to the developer edition. We are using SonarQube from Azure Devops. This analysis worked perfectly fine for the solution before we switched to GIT as source control (but each branch was tracked separately as master) and after switching this worked on the community edition but only for our main branch.

I’ve switched the logging to verbose and I’ve been able to pinpoint this as being certain rules
S2083
S5145
S5146
S5144

(It almost seems related to rules in SonarAnalyzer.Security, but I haven’t been able to confirm)

The error being reported from the build pipeline is as follow:

10:13:04.459 DEBUG: loaded 25 sanitizers for rule S5145
##[error]10:13:04.459 ERROR: Failed to find InputFile for d:\a\1\s\Project.Services.Service\CodeFile.cs
10:13:04.459 DEBUG: Failed to read resource file: roslyn.sonaranalyzer.security.cs/passthroughs/S5145.json

I had this same error for multiple files and managed to get the errors down by disabling some of these rules, but I seem to be having problems with S5145 even when it’s not enabled for the profile from the server.

We are running version 7.7.0.23042

Any ideas on how I can get to the bottom of this? The strange part is that the file above is definitely there, I can find this both in the repo, in source control and even in the msbuild log before the analysis is done.

Thanks
M

Hi @mcv

We apologize for losing this from our radar. Could you please let us know what your experience was - did you manage to fix the issue?

Hi Andrei,

We’ve actually abandoned sonarqube completely now. I did figure this out eventually (By disabling every single rule one by one until it worked) but then we ran into more issues with analysis on Pull Requests and it seemed like more of a headache to get this going than to just use some other alternatives. Particularly annoyed that we paid for the software and then ended up down this path. Its even more annoying since the same error doesn’t occur on the community edition.

Hi Martin,

We’re sorry to hear that. The security rules (like S5145) are not available in community edition. That’s why the problem appeared after the upgrade.

We’re continuously working on improving the quality of our product. We hope you can reevaluate SonarQube/SonarCloud again in the future.

Hello one more time,

We’ve meantime discovered that the original issue Failed to find InputFile is raised when security-related rule is raised on a file, that was excluded from the analysis.

This problem should be fixed in next release of SonarQube 8.5

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.